beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
886 commits 83 branches 177 tags 151 MiB
Commit graph

221 commits

Author SHA1 Message Date
mmetc ef4bf6a8ab
grammar (#1257) 2022-02-14 13:47:15 +01:00
Thibault "bui" Koechlin 4fc7335112
fix help message (#1228) 2022-02-02 10:06:08 +01:00
mmetc ad28a979e9
local control flow cleanup (#1215) 
removed redundant/unreachable returns, else branches, type declarations, unused variables
 2022-02-01 22:08:06 +01:00
mmetc 35eea39db7
allow Makefile to override /etc/crowdsec and /var/lib/crowdsec/data (#1221) 2022-02-01 10:34:53 +01:00
mmetc 383eebf2b6
Makefile cleanup (#1211) 
* rm -f => $(RM)
* PHONY targets
* remove email plugin binary on cleanup
* unused make variables
 2022-02-01 09:22:47 +01:00
Thibault "bui" Koechlin dbde90d24c
fix #1200 (#1203) 2022-01-24 17:22:16 +01:00
Thibault "bui" Koechlin cc1ab8c50d
switch to utc time everywhere (#1167) 
* switch to utc time everywhere


Co-authored-by: alteredCoder <kevin@crowdsec.net>
 2022-01-19 14:56:05 +01:00
Thibault "bui" Koechlin 6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions (#1154) 
* add console command to control signal sharing
* modify metrics endpoint to add lastpush

Co-authored-by: alteredCoder <kevin@crowdsec.net>
 2022-01-13 16:46:16 +01:00
Thibault "bui" Koechlin 3bca25fd6d
lists support from central api (#1074) 
* lists support from central api

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2022-01-11 14:31:51 +01:00
Shivam Sandbhor c109e0e7dd
Add option to print machine creds (#1149) 
* Add option to print machine creds

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-01-07 16:53:56 +01:00
Shivam Sandbhor ba71c55492
Fix cscli inpsect json output (#1145) 
* Fix cscli inpsect json output
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-01-05 10:42:27 +01:00
Shivam Sandbhor 6c4ec64ca9
Fix json output of cscli hub list (#1143) 
* Fix json output of cscli hub list
* Fix functional tests.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-01-04 11:49:23 +01:00
mmetc cf175ab07e
fixed "help collections list" message (#1142) 
* fixed "help collections list" message

* corrected usage of "as well"
 2022-01-03 17:09:07 +01:00
he2ss ed38ca3a73
cscli: raise error on unknown collection remove (#1133) 2021-12-30 11:32:05 +01:00
AlteredCoder 9c8ca5c73a
Alert inspect improvement / Use correct CSV output when listing in raw format (#1127) 2021-12-29 14:08:47 +01:00
blotus 3105897f37
Allow to configure log rotation (#1130) 2021-12-28 11:59:03 +01:00
mmetc 7126f8f0ff
replaced &nbsp; (#1129) 2021-12-28 10:32:46 +01:00
Thibault "bui" Koechlin 6b13d73fca
fix #1057 (#1120) 2021-12-22 15:45:41 +01:00
mmetc 6b3e22e99a
add LD_OPTS to "go test" (#1115) 2021-12-21 10:21:34 +01:00
Thibault "bui" Koechlin 106254f020
support for cancel_on (#1105) 
* cancel_on filter

* tests
 2021-12-17 09:56:02 +01:00
AlteredCoder 88d06260d7
add cscli decisions import (#1038) 
* add cscli decisions import

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: bui <thibault@crowdsec.net>
 2021-12-15 11:39:37 +01:00
AlteredCoder ab93cec736
return an error if we can't add a bouncer (#1085) 2021-12-14 11:09:57 +01:00
AlteredCoder 01130a5e17
add headers when using raw output (#1087) 
* add headers when output raw with cscli
 2021-12-14 11:09:26 +01:00
AlteredCoder 4c306187a6
fix hubtest --no-clean when failure (#1088) 2021-12-14 11:08:06 +01:00
Shivam Sandbhor 44d701a9dd
Fix null point error if server cfg is empty while doing cscli explain (#1096) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-12-14 10:31:22 +01:00
Thibault "bui" Koechlin e5204bc1b1
fix #1083 : do not update/overwrite 'not installed' collections sub-items on 'cscli XX upgrade' (#1089) 
* fix #1083 : do not update/overwrite 'not installed' collections sub-items on 'cscli XX upgrade'
 2021-12-13 19:31:16 +01:00
mmetc c7fb6a1428
enabled -> enabling (#1090) 2021-12-13 13:14:29 +01:00
mmetc ca67be8fca
fatal if cannot add bouncer: fix for #1066 (#1067) 2021-12-13 10:30:55 +01:00
mmetc 7dee103b6e
typos of various nature (#1072) 2021-12-06 17:29:23 +01:00
AlteredCoder 4917aa23c9
Docker datasource (#1064) 
* add docker datasource
 2021-12-02 15:55:50 +01:00
he2ss 0652e9ed08
feature cscli|crowdsec add additional labels on crowdsec dsn run (#1053) 
* feature cscli|crowdsec add additional labels on crowdsec dsn run
 2021-11-17 10:08:46 +01:00
Thibault "bui" Koechlin 7362828a3b
add --failures to explain feature : only display failed lines (#1048) 
* add --failures to explain feature : only display failed lines

* no error no problem
 2021-11-08 18:01:43 +01:00
Thibault "bui" Koechlin d1ce543440
Improve explain (#1039) 
* improve explain feature

* nicer display for details, --verbose in favor of --debug for details
 2021-11-02 12:06:01 +01:00
mmetc f10187bd6d
typos (#1036) 2021-11-02 09:19:22 +01:00
Shivam Sandbhor 9034bb7919
Allow user to specify key for bouncers. (#1026) 
* Allow user to specify key for bouncers.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-11-02 08:37:51 +01:00
Thibault "bui" Koechlin 02886140a7
add a --key to cscli config show (#1029) 
* add a --key to cscli config show
 2021-10-28 09:32:59 +02:00
AlteredCoder cf57c89177
add name and alias in cscli console enroll (#950) 
* add name and alias in cscli console enroll
 2021-10-26 15:33:17 +02:00
blotus 0d46890d6b
add --limit parameter to cscli decisions list (#1025) 2021-10-26 13:33:59 +02:00
blotus 25a2d528b0
Alerts flush: Optimization of the flush mechanism (batch and limit to one job) + add cscli alerts flush command (#1024) 
- Don't allow running more than one alert flush job at a time to prevent runaway CPU usage in some case. (fix High CPU after Upgrade to 1.2.0 #1022)
 - Add a cscli alerts flush command to manually flush the alerts in the database (fixes Improvement/Manual flush mechanism #1023 ).
 - Enable cascading deletion on alerts as we upgraded ent: Deleting an alert in the database will automatically delete all related decisions, events and meta
 - Add an index on alerts.id to try to improve flush performance with very big sqlite database.
- Flush alert now operates in batch
 2021-10-26 13:33:45 +02:00
Thibault "bui" Koechlin 76a80380e7
don't wait on tomb if no datasources were started (#1019) 2021-10-24 11:07:45 +02:00
Shivam Sandbhor a7b1c02bd5
Fix bugs in cloudwatch acq (#991) 
* Fix bugs in cloudwatch acq

- Fix concurrent writes to map streamIndexes
- Fix multiple cases of modifying while iterating on slice.
- Fix order of fetching cloudwatch events.
- Remove `startup` hack.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix cloudwatch tests

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-10-22 10:35:05 +02:00
AlteredCoder 203be9bfbf
fix typo in cscli help command (#1001) 
* fix typo in cscli help command

* Update hubtest.go
 2021-10-08 16:53:02 +02:00
AlteredCoder 37eedce72e
add functionnal test for hubtest (#996) 
* add hubtest in functionnal test
 2021-10-05 09:52:55 +02:00
Thibault "bui" Koechlin af4bb350c0
hubtests revamp + cscli explain (#988) 
* New hubtest CI for scenarios/parsers from the hub
 * New `cscli explain` command to visualize parsers/scenarios pipeline

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Cristian Nitescu <cristian@crowdsec.net>
 2021-10-04 17:14:52 +02:00
blotus 9b680ae455
refuse to start if plugins are enabled and their config is missing (#954) 2021-09-09 16:07:33 +02:00
AlteredCoder 078c994159
don't install all items from hub when upgrade --force (#948) 2021-09-08 11:58:51 +02:00
Shivam Sandbhor b8e24a1e0b
Make plugin runner configurable and run only registered plugins (#944) 
* Make plugin runner configurable and run only registered plugins
 2021-09-08 11:36:42 +02:00
blotus 2f937cb53a
update doc generation (#926) 2021-09-03 12:56:17 +02:00
blotus ea640dfb6d
fix datasource prometheus metrics not being registered (#927) 2021-09-02 12:35:12 +02:00
AlteredCoder 4aca9941cb
allow deleting multiple machines (#930) 
* allow deleting multiple machines

* allow multiple bouncers deletion

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-09-02 12:23:06 +02:00
blotus e54b5beb8d
Update cscli doc for docusaurus (#924) 2021-08-31 15:03:47 +02:00
ThinkChaos 448a227079
Minor changes to specific logs (#900) 
- Minor changes to specific logs
- Fix LAPI to not push signals to CAPI when disabled #907
 2021-08-25 18:30:05 +02:00
Thibault "bui" Koechlin 950759f6d6
Output plugins (#878) 
* Add plugin system for notifications (#857)
 2021-08-25 11:43:29 +02:00
Manuel Sabban 4dbbd4b3c4
Download datafile (#895) 
* add the ability to download datafile on cscli hub upgrade on files are missing
* fix stuff + lint
* fix error management

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2021-08-19 09:08:20 +02:00
blotus 53f9837e6a
set hubBranch to master if not provided in the configuration and if crowdsec has been built without version information (#884) 2021-08-11 14:55:51 +02:00
Thibault "bui" Koechlin 2a6369658a
add a hook on fatal/panic to ensure we're logging to stderr as well (#879) 2021-08-05 08:50:08 +02:00
Thibault "bui" Koechlin 34a4371dde
check if api:client is present (#867) 2021-07-23 15:10:43 +02:00
Thibault "bui" Koechlin 657b765021
simplify, and only kill/wait on tomb when relevant (#866) 2021-07-23 11:09:56 +02:00
AlteredCoder d8b8795619
update completion doc (#850) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2021-07-02 12:16:57 +02:00
Thibault "bui" Koechlin ca3e9ea487
load hub file properly when restoring config from tmpdir (#847) 2021-07-01 18:38:45 +02:00
Thibault "bui" Koechlin 033c8e17e8
fix #842 #837 (#845) 
* fix #842 and move preflight checks tgth

* handle new container name

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-07-01 18:15:22 +02:00
he2ss 1b39893fcf
cscli: update completion doc (fix #841) (#846) 
* cscli: update completion doc (fix #841)
 2021-07-01 15:03:48 +02:00
blotus 556f93827a
refuse to run the dashboard if not on amd64 (#843) 2021-07-01 13:41:16 +02:00
blotus 3994aec7fe
add console enroll command to cscli (#828) 2021-06-28 17:34:19 +02:00
Thibault "bui" Koechlin ce6a61df1c
Refactor Acquisition Interface (#773) 
* Add new acquisition interface + new modules (cloudwatch, syslog)

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2021-06-11 09:53:53 +02:00
Shivam Sandbhor f25d02a7c8
Allow bouncers to filter decisions by scope (#817) 
Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>
 2021-05-31 15:07:09 +02:00
Shivam Sandbhor 98277f5bb7
Gen passwd until it satisfies metabase policy (#792) 
Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>
 2021-05-17 11:43:53 +02:00
AlteredCoder fd830b4293
Fix some bugs (#788) 
* fix config restore

* fix panic on middleware

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-05-07 18:40:01 +02:00
AlteredCoder a19f13ab45
fix cscli alerts delete -all (#769) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2021-04-27 11:59:18 +02:00
AlteredCoder 60740f6279
fix makefile for static binaries (#764) 
* Fix LD_OPTS for static build

Co-authored-by: AlteredCoder <AlteredCoder>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2021-04-26 14:45:52 +02:00
blotus 5e2412cc5d
cscli: sort meta by key in alerts inspect output (#762) 2021-04-23 13:42:14 +02:00
Thibault "bui" Koechlin 88e1095478
cscli machines|bouncers|dashboard error message clarification (#754) 2021-04-16 10:50:08 +02:00
Thibault "bui" Koechlin 2679867061
ensure to flush acquis config while reloading (#748) 2021-04-13 13:55:33 +02:00
Thibault "bui" Koechlin 59a9a6b6bf
ensure to load db config for dashboard commands (#731) 2021-03-31 11:32:38 +02:00
Thibault "bui" Koechlin 20ef67a699
cscli hub mgmt improvements (#710) 
* avoid this confusing behaviour where 'cscli parsers/scenarios/... upgrade' won't tell a thing if no arguments are given (and won't do anything neither)

* avoid repeating warnings about available update to the user
 2021-03-29 10:33:23 +02:00
AlteredCoder 20ccb32124
FreeBSD changes (#718) (#721) 
* FreeBSD changes (#718)

* Update build Makefile to be able to build on other platforms

Split Makefiles to isolate every specifics per platform if specific file
is not found, the include will default to linux.

* Isolate linux specific messages emitted by crowdsec command line

On other platforms, we shouldn't write messages with `systemctl`
occurrences. This commit isolate the specific messages and ensure the
messages are relevant for the given platform according result of `GOOS`.

* remove the test

Co-authored-by: Sofian Brabez <sbz@6dev.net>
Co-authored-by: AlteredCoder <AlteredCoder>
 2021-03-26 17:42:56 +01:00
AlteredCoder 73a10ef0e5
add autocompletion for cscli (#717) 2021-03-24 19:07:58 +01:00
AlteredCoder 1e899c2211
Refactor configuration management (#698) 2021-03-24 18:16:17 +01:00
AlteredCoder f1d23b51f6
fix null deref in cscli config (#694) 2021-03-16 16:09:11 +01:00
AlteredCoder 111e17e884
don't hide cscli version (#686) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2021-03-12 16:17:28 +01:00
AlteredCoder f2d14c8ca2
update the config.yaml file (#674) 2021-03-11 11:18:09 +01:00
Thibault "bui" Koechlin c2d4fb037a
clarify help message, fix #659 (#672) 2021-03-10 14:58:19 +01:00
registergoofy 5b7ac4a473
[Rebased] fix races (#633) 
* get rid of dead code
* have LeakRoutined started in a tomb
* fix race and multiple small issues in the way we handle tombs
* yet another race fix
* another race
* get rid of leaky.KillSwitch for proper tomb use
* fix deadlock
* empty overflow before exiting
* fix an obvious typo
* proper use of waitgroup
* have a smart signalisation for allowing LeakRoutine being killed
* ugly workaround
* fix lint error
* fix compilation
* fix panic
* shorten lock
* up lock both copy
* wait for crowdsec to die
* fix coding style and lint issue
* go mod tidy

Co-authored-by: bui <thibault@crowdsec.net>
 2021-02-25 11:26:46 +01:00
AlteredCoder 8b504e9f67
improve logging in cscli and wizard (#643) 2021-02-25 11:20:36 +01:00
Thibault "bui" Koechlin 4565d82f79
don't try to login with zero scenarios (#627) 2021-02-18 09:59:28 +01:00
Thibault "bui" Koechlin 22ada59393
Allow for acquisition files to be specified from a directory as well (#619) 
* allow a acquisition_dir in crowdsec's config + change the behaviour of config loading so that it's working with a list instead. keep backward compat with acquisition_path

* remove the default behaviour of 'guessing' acquis path if param isn't present, and error
 2021-02-17 13:55:36 +01:00
Thibault "bui" Koechlin 7d93302e05
add a prometheus_uri option for cscli's config (#625) 
* add a prometheus_uri option for cscli's config, and update documentation

* specify min version
 2021-02-17 13:53:57 +01:00
AlteredCoder dae4458a6f
create crowdsec group for metabase and crowdsec.db (#606) 2021-02-10 09:23:33 +01:00
AlteredCoder 22c4962768
don't load lapi creds when running only api (#608) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2021-02-09 17:59:35 +01:00
AlteredCoder e8709074f0
fix stack trace when missing cscli in config file (#607) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2021-02-07 15:50:27 +01:00
Thibault "bui" Koechlin e74f221044
Fix default configurations (#597) 
* fix default perms on SQLite file

* seed the prng securely

* fix defaults to enforce certificates verification

* ensure file is within path

* ensure the directory doesn't exist beforehand

* verify certificate by default

* disable http ip forward headers
 2021-02-02 14:15:13 +01:00
AlteredCoder 81e7db71ed
Fix bugs in wizard and cscli (#577) 
* fix id generation bug

* fix api client response

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-01-15 18:14:50 +01:00
Thibault "bui" Koechlin 986a0be812
fix wizard behaviour when detecting appropriate action (#573) 
* fix wizard behaviour when detecting appropriate action

* fix filter handling with cscli

* add ipv6 tests

Co-authored-by: AlteredCoder <AlteredCoder>
 2021-01-15 09:48:39 +01:00
AlteredCoder 5544000d38
lapi: fix ipv6 operations (#567) 2021-01-14 16:27:45 +01:00
Pͥetͣeͫr Zuidˢeͬmͨaͬ 1778ee840e
Sanitize id from either source (#568) 
On FreeBSD the uuid has dashes. So moved line 74 outside the if loop to have it sanitize either id source of dashes.
 2021-01-14 13:03:24 +01:00
Thibault "bui" Koechlin b79c897d99
fix the config restore feature for tainted configurations (#541) 2020-12-15 12:07:43 +01:00
Thibault "bui" Koechlin bb679310c7
deal with LAPI down : ensure client will reauthenticate (#527) 
* to avoid keeping apiclient in broken state, reset the token on error
 2020-12-14 11:54:16 +01:00
AlteredCoder 79080d4e36
Fix cscli hub (#534) 2020-12-14 11:53:30 +01:00
AlteredCoder 0ed92b20a0
fix prometheus URL used by cscli (#520) 2020-12-07 17:35:30 +01:00
erenJag a9353e3016
cscli: fix bug in restore command (#510) 2020-12-04 13:00:13 +01:00